From 7e59f820a3ad2adb1561d48ccb3e45d1c2a9effb Mon Sep 17 00:00:00 2001
From: samuel <samuel.campos@netoik.io>
Date: Sun, 8 Mar 2026 16:08:13 +0100
Subject: [PATCH] feat: add csp data type

---
 files/nginx/0_security.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/files/nginx/0_security.conf b/files/nginx/0_security.conf
index bb7742e..7d04bfb 100644
--- a/files/nginx/0_security.conf
+++ b/files/nginx/0_security.conf
@@ -22,7 +22,7 @@ add_header                   X-XSS-Protection                     "1;mode=block"
 add_header                   X-Content-Type-Options               "nosniff"                                                                            always;
 add_header                   X-Permitted-Cross-Domain-Policies    "none"                                                                               always;
 add_header                   Referrer-Policy                      "strict-origin-when-cross-origin"                                                    always;
-add_header                   Content-Security-Policy              "default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; form-action 'self';"    always;
+add_header                   Content-Security-Policy              "default-src 'self' 'unsafe-inline' data:; frame-ancestors 'self'; form-action 'self';"    always;
 add_header                   Cross-Origin-Opener-Policy           "same-origin"                                                                        always;
 add_header                   Cross-Origin-Resource-Policy         "same-site"                                                                          always;
 add_header                   Permissions-Policy                   "geolocation=(), camera=(), microphone=()"                                           always;